
UNITED STATES DEPARTMENT OF COMMERCE
United States Patent and Trademark Office

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO.: 09/680,599
FILING DATE: 10/06/2000
FIRST NAMED INVENTOR: Richard R. Wessman
ATTORNEY DOCKET NO.: OR00-03802
CONFIRMATION NO.: 1833



22835 7590 12/22/2003 

PARK, VAUGHAN & FLEMING LLP 
508 SECOND STREET 
SUITE 201 
DAVIS, CA 95616 



EXAMINER: BETIT, JACOB F
ART UNIT: 2175
PAPER NUMBER:

DATE MAILED: 12/22/2003 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 



Application No.: 09/680,599
Applicant(s): WESSMAN, RICHARD R.
Examiner: Jacob F. Betit
Art Unit: 2175





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [ ] Responsive to communication(s) filed on ____.

2a) [ ] This action is FINAL.    2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) [X] Claim(s) 25-52 is/are pending in the application.

4a) Of the above claim(s) ____ is/are withdrawn from consideration.

5) [ ] Claim(s) ____ is/are allowed.

6) [X] Claim(s) 25-52 is/are rejected.

7) [ ] Claim(s) ____ is/are objected to.

8) [ ] Claim(s) ____ are subject to restriction and/or election requirement.

Application Papers 

9) [X] The specification is objected to by the Examiner.

10) [ ] The drawing(s) filed on ____ is/are: a) [ ] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. §§ 119 and 120 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All  b) [ ] Some*  c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. ____.

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received.

13) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application)
since a specific reference was included in the first sentence of the specification or in an Application Data Sheet.
37 CFR 1.78.

a) [ ] The translation of the foreign language provisional application has been received.

14) [ ] Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific
reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1.78.

DETAILED ACTION



Specification 



1. The arrangement of the disclosed application does not conform with 37 CFR
1.77(b).

The section headings are underlined, boldfaced, and appear in lowercase
lettering throughout the disclosed specification. Section headings should appear in
UPPERCASE format, and they should not be underlined and/or boldfaced. The
underlined and boldfaced headings should be replaced with a standard font, and the
lowercase format lettering should be replaced with uppercase format. Appropriate
corrections are required according to the guidelines provided below:



2. The following guidelines illustrate the preferred layout for the specification of a
utility application. These guidelines are suggested for the applicant's use.

Arrangement of the Specification

As provided in 37 CFR 1.77(b), the specification of a utility application should
include the following sections in order. Each of the lettered items should appear in
upper case, without underlining or bold type, as a section heading. If no text follows the
section heading, the phrase "Not Applicable" should follow the section heading:

(a) TITLE OF THE INVENTION. 

(b) CROSS-REFERENCE TO RELATED APPLICATIONS. 

(c) STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR
DEVELOPMENT.

(d) INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A
COMPACT DISC (See 37 CFR 1.52(e)(5) and MPEP 608.05. Computer
program listings (37 CFR 1.96(c)), "Sequence Listings" (37 CFR 1.821(c)),
and tables having more than 50 pages of text are permitted to be
submitted on compact discs.) or
REFERENCE TO A "MICROFICHE APPENDIX" (See MPEP § 608.05(a).
"Microfiche Appendices" were accepted by the Office until March 1, 2001.)

(e) BACKGROUND OF THE INVENTION.

(1) Field of the Invention.

(2) Description of Related Art including information disclosed under 37
CFR 1.97 and 1.98.

(f) BRIEF SUMMARY OF THE INVENTION. 

(g) BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S). 

(h) DETAILED DESCRIPTION OF THE INVENTION. 

(i) CLAIM OR CLAIMS (commencing on a separate sheet). 

(j) ABSTRACT OF THE DISCLOSURE (commencing on a separate sheet). 

(k) SEQUENCE LISTING (See MPEP § 2424 and 37 CFR 1.821-1.825. A
"Sequence Listing" is required on paper if the application discloses a
nucleotide or amino acid sequence as defined in 37 CFR 1.821(a) and if
the required "Sequence Listing" is not submitted as an electronic
document on compact disc).



Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action:

(e) the invention was described in a patent granted on an application for patent by another filed in the
United States before the invention thereof by the applicant for patent, or on an international application
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this
title before the invention thereof by the applicant for patent.

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)).

2. Claims 25, 34, and 43 are rejected under 35 U.S.C. 102(e) as being anticipated
by Zizzi (U.S. patent No. 6,185,681 B1).

As to claim 25, Zizzi teaches a method for managing encryption within a database
system, wherein encryption is performed automatically and transparently to a user of 
the database system (see abstract), the method comprising: 

receiving a request at the database system to store data in the database system 
(see figure 4, step 415); 

wherein the request is directed to storing data in a portion of the database
system that has been designated as encrypted (see figure 4, step 430, where the
decision is "Yes");

in response to receiving the request, automatically encrypting data within the 
database system using an encryption function to produce an encrypted data (see figure 
4, step 460); and 

storing the encrypted data in the database system (see column 7, lines 15-21). 

As to claim 34, Zizzi teaches a computer-readable storage medium storing 
instructions that when executed by a computer causes the computer to perform a 
method for managing encryption within a database system, wherein encryption is 
performed automatically and transparently to a user of the database system (see 
abstract, where "instructions" are read on "software module", and it is inherent that the
software must be stored on some medium), the method comprising:

receiving a request at the database system to store data in the database system
(see figure 4, step 415);

wherein the request is directed to storing data in a portion of the database
system that has been designated as encrypted (see figure 4, step 430, where the
decision is "Yes");

in response to receiving the request, automatically encrypting data within the 
database system using an encryption function to produce an encrypted data (see figure 
4, step 460); and 

storing the encrypted data in the database system (see column 7, lines 15-21). 

As to claim 43, Zizzi teaches an apparatus that facilitates managing encryption 
within a database system, wherein encryption is performed automatically and 
transparently to a user of the database system (see abstract), comprising: 

a receiving mechanism that is configured to receive a request at the database 
system to store data in the database system (see column 8, lines 32-41); 

wherein the request is directed to storing data in a portion of the database 
system that has been designated as encrypted (see figure 4, step 430, where the 
decision is "Yes"); 

an encrypting mechanism that is configured to automatically encrypt data within 
the database system using an encryption function to produce an encrypted data (see 
column 9, lines 20-31); and

a storing mechanism that is configured to store the encrypted data in the
database system (see column 7, lines 15-21).

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 26-28, 33, 35-37, 42, 44-46, and 51 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Zizzi (U.S. patent No. 6,185,681 B1) in view of Sutter (U.S. 
patent No. 5,924,094). 

As to claims 26, 35, and 44, Zizzi teaches 

wherein the encryption function uses a key stored in a keyfile managed by a 
security administrator (see column 9, lines 25-30); and 

wherein the encrypted data is stored using a storage function of the database 
system (see column 9, lines 32-37). 

Zizzi does not teach wherein the portion of the database system that has been 
designated as encrypted includes a column of the database system. 

Sutter teaches wherein the portion of the database system that has been 
designated as encrypted includes a column of the database system (see column 59, 
lines 10-16).

Therefore, it would have been obvious to a person having ordinary skill in the art
at the time the invention was made to have modified Zizzi to include wherein the portion 
of the database system that has been designated as encrypted includes a column of the 
database system. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Zizzi by the teachings of Sutter because 
wherein the portion of the database system that has been designated as encrypted 
includes a column of the database system would keep unauthorized users from 
deciphering the encrypted column of the database system. 

As to claims 27, 36, and 45, Zizzi as modified, teaches further comprising: 

receiving a request to retrieve data from the column of the database system (see
Zizzi, column 9, lines 44-59);

if the request to retrieve data is received from a database administrator,
preventing the database administrator from decrypting the encrypted data; if the request
to retrieve data is received from the security administrator, preventing the security
administrator from decrypting the encrypted data; and if the request to retrieve data is
from an authorized user of the database system, allowing the authorized user to decrypt
the encrypted data (see Zizzi, column 9, lines 40-43, where any user that does not have
authorization to decrypt the data will not be authorized to decrypt it).



As to claims 28, 37, and 46, Zizzi as modified teaches data encryption standard
(DES) and triple DES as a mode of encryption (see Zizzi, column 3, lines 29-37).

Zizzi as modified does not teach wherein the security administrator selects a 
mode of encryption for the column. 

Sutter teaches wherein the security administrator selects a mode of encryption 
for the column (see column 59, lines 11-14). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Zizzi as modified, to include 
wherein the security administrator selects a mode of encryption for the column. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Zizzi as modified, by the teachings of Sutter 
because wherein the security administrator selects a mode of encryption for the column 
would allow the security manager to select various methods of encryption strengths 
depending on the importance of the file. 

As to claims 33, 42, and 51, Zizzi as modified, teaches wherein upon receiving a
request from the security administrator specifying the column to be encrypted (see
Sutter, column 60, lines 1-26, where "administrator" is read on "designer"), if the column
currently contains data, the method further comprises:

decrypting the column using an old key if the column was previously encrypted (it 
is obvious to one skilled in the art that the column would have to be decrypted before 
the old key could be discarded); and 

encrypting the column using a new key (see Sutter, column 60, lines 1-19).

5. Claims 29, 38, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable
over Zizzi (U.S. patent No. 6,185,681 B1) in view of Sutter (U.S. patent No. 5,924,094)
as applied to claims 26-28, 33, 35-37, 42, 44-46, and 51 above, and further in view of
Brogliatti et al. (U.S. patent No. 6,564,225 B1).

As for claims 29, 38, and 47, Zizzi as modified, does not teach wherein the 
security administrator, a database administrator, and a user administrator are distinct 
roles, and wherein a person selected for one of these roles is not allowed to be selected 
for another of these roles. 

Brogliatti et al. teaches wherein the security administrator, a database
administrator, and a user administrator are distinct roles, and wherein a person selected 
for one of these roles is not allowed to be selected for another of these roles (see 
column 5, lines 10-24). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Zizzi as modified, to include 
wherein the security administrator, a database administrator, and a user administrator 
are distinct roles, and wherein a person selected for one of these roles is not allowed to 
be selected for another of these roles. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Zizzi as modified, by the teachings of Brogliatti
et al. because wherein the security administrator, a database administrator, and a user
administrator are distinct roles, and wherein a person selected for one of these roles is
not allowed to be selected for another of these roles would protect important corporate
assets (see Brogliatti et al., column 5, lines 10-14).

6. Claims 30-32, 39-41, and 48-50 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Zizzi (U.S. patent No. 6,185,681 B1) in view of Sutter (U.S. patent
No. 5,924,094) as applied to claims 26-28, 33, 35-37, 42, 44-46, and 51 above, and
further in view of Bierrum et al. (U.S. patent No. 5,311,595).

As to claims 30, 39, and 48, Zizzi as modified, teaches wherein managing the 
keyfile includes, but is not limited to: 

establishing a relationship between a key identifier and the key stored in the
keyfile (see Zizzi, column 6, lines 3-6);

storing the keyfile in one of,

an encrypted file in the database system, and a location separate from the
database system (see Zizzi, column 6, lines 1-2);

Zizzi as modified, does not teach creating the keyfile; establishing a plurality of 
keys to be stored in the keyfile; and moving an obfuscated copy of the keyfile to a 
volatile memory within a server associated with the database system. 

Bierrum et al. teaches creating the keyfile; establishing a plurality of keys to be 
stored in the keyfile (see column 23, lines 37-44); and moving an obfuscated copy of the 
keyfile to a volatile memory within a server associated with the database system (see
column 20, line 61 through column 21, line 9).

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Zizzi as modified, to include 
creating the keyfile; establishing a plurality of keys to be stored in the keyfile; and 
moving an obfuscated copy of the keyfile to a volatile memory within a server 
associated with the database system. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Zizzi as modified, by the teachings of Bierrum 
et al. because creating the keyfile; establishing a plurality of keys to be stored in the 
keyfile; and moving an obfuscated copy of the keyfile to a volatile memory within a 
server associated with the database system would establish a tamper proof method of 
encrypting a file with a secure encryption key (see Bierrum et al., column 21, lines 2-9).

As to claims 31, 40, and 49, Zizzi as modified, does not teach wherein the key
identifier associated with the column is stored as metadata associated with a table 
containing the column within the database system. 

Sutter teaches wherein the key identifier associated with the column is stored as 
metadata associated with a table containing the column within the database system 
(see column 59, line 29 through 60, line 25). 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Zizzi as modified, to include 
wherein the key identifier associated with the column is stored as metadata associated
with a table containing the column within the database system.

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Zizzi as modified, by the teachings of Sutter 
because wherein the key identifier associated with the column is stored as metadata 
associated with a table containing the column within the database system would allow 
the same key to be used with the same key algorithm to encrypt multiple columns of the 
same table or multiple columns in different tables (see Sutter, column 60, lines 20-24). 

As to claims 32, 41, and 50, Zizzi as modified, teaches further comprising
establishing encryption parameters for the column (see Sutter, column 60, lines 1-10),
wherein encryption parameters include encryption mode, key length, and integrity type
(see Sutter, column 59, line 10-15, where different types of encryption are used to verify
the integrity of the file) by:

entering encryption parameters for the column manually (see Zizzi, column 7, 
line 64 through column 8, line 6); and 

recovering encryption parameters for the column from a profile table in the 
database system (see Zizzi, column 8, lines 59-67).

Conclusion 

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Jacob F. Betit whose telephone number is (703) 305-3735.
The examiner can normally be reached on Monday through Friday 9 am to 5 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Dov Popovici can be reached on (703) 305-3830. The fax phone number
for the organization where this application or proceeding is assigned is (703) 872-9306.

Any inquiry of a general nature or relating to the status of this application or
proceeding should be directed to the receptionist whose telephone number is (703) 305-3900.



jfb 

December 11, 2003